feat: prevent call bursts on oidc provider refresh
@ -1,13 +1,8 @@
|
||||
package oidc
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/cache/memory"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/cache/ttl"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/proxy/director/layer/authn"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/store"
|
||||
"github.com/coreos/go-oidc/v3/oidc"
|
||||
"github.com/gorilla/sessions"
|
||||
)
|
||||
|
||||
@ -15,14 +10,11 @@ const LayerType store.LayerType = "authn-oidc"
|
||||
|
||||
func NewLayer(store sessions.Store, funcs ...OptionFunc) *authn.Layer {
|
||||
opts := NewOptions(funcs...)
|
||||
return authn.NewLayer(LayerType, &Authenticator{
|
||||
httpTransport: opts.HTTPTransport,
|
||||
httpClientTimeout: opts.HTTPClientTimeout,
|
||||
store: store,
|
||||
oidcProviderCache: ttl.NewCache(
|
||||
memory.NewCache[string, *oidc.Provider](),
|
||||
memory.NewCache[string, time.Time](),
|
||||
opts.OIDCProviderCacheTimeout,
|
||||
),
|
||||
}, opts.AuthnOptions...)
|
||||
authenticator := NewAuthenticator(
|
||||
opts.HTTPTransport,
|
||||
opts.HTTPClientTimeout,
|
||||
store,
|
||||
opts.OIDCProviderCacheTimeout,
|
||||
)
|
||||
return authn.NewLayer(LayerType, authenticator, opts.AuthnOptions...)
|
||||
}
|
||||
|
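Review bot: The new `NewAuthenticator(...)` call in `NewLayer` passes two timeouts positionally (`opts.HTTPClientTimeout` second, `opts.OIDCProviderCacheTimeout` fourth); if both are `time.Duration`, as their names suggest, swapping them would compile cleanly and silently exchange the HTTP client timeout with the provider cache timeout. NewAuthenticator's definition is not in this section, so how it treats a zero or negative cache timeout is not visible; if that disables caching, every request would go back to the OIDC provider, which is the burst this commit is meant to prevent. I'd add a comment above the call, e.g. `// args: HTTP transport, HTTP client timeout, session store, provider cache TTL`, and have the constructor reject or default a non-positive TTL.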